This was going to be a support request, but I finally figured out the issue last night.
Ever since the emails were sent about basic authentication being disabled on September 16th, I have been trying to get K9 using OAuth 2.0. Switching the Incoming Server setting worked, but the outgoing test always failed with a vague error:
Checking outgoing server settings failed
Authentication error
The server returned the following message:
Authentication unsuccessful
The answer turned out to be very simple: I have multiple aliases set up on the Outlook.com account, and one of these gets used for most correspondence. For whatever reason I had used the alias as the credentials when setting up K9, which was fine - the incoming and outgoing servers allow your connection using any valid alias - but for whatever reason OAuth breaks this pattern (only on the outgoing server). Once I switched the Username in the Outgoing server settings to match the account’s original email address, it worked immediately.
Probably an uncommon configuration, but I haven’t been able to find this documented anywhere - hopefully this info helps somebody out.
[EDIT: Somehow deleted the original post, trying to post again but it’s “too similar” ]